CHAPTER 8 DNS Domain Name System

DNS Service
• Domain Name System (DNS) is a system that translates between domain names and IP addresses
– For example from www.ascom.no to 195.191.133.67
• Makes it possible to assign new IP addresses to servers while the domain name stays the same
• DNS uses UDP port 53

DNS
• DNS is a hierarchical distributed naming system
• Domain names consist of two parts: www.ascom.no
– A host name: www (a specific web server located at ascom.no)
– A domain name: ascom.no
• A full domain name is also called a FQDN
– Fully Qualified Domain Name (FQDN)

DNS zones
• A domain name is read from the right side to the left side
• Dots (.) divide the domain name into sections
• A dot means authority is delegated to an operator
– The TLD no is operated by the company Norid (www.norid.no)
– Norid delegates control of ascom.no to Ascom in Norway
– Ascom in Norway operates a DNS server with an entry stating that the IP address of www.ascom.no is 195.191.133.67
Figure: www.ascom.no – www = host name, ascom = second level domain, no = top level domain

DNS zones
• There are 13 root servers named a to m
– a.root-servers.net
– …
– m.root-servers.net
• The 13 root servers have well known IP addresses
• The root servers are the top level of the hierarchical distributed database

www.ascom.no

DNS name rules
• Domain names maximum length is 63 characters including dots
• The maximum length of FQDN names is 255 characters
• No distinction between upper and lower case letters
Figure: www.ascom.no – max. 63 chars / max. 255 chars

Client DNS config
• Addresses of the DNS servers the host will use for translating domain names
• Often configured using DHCP

DNS Example: A user wants to see www.ascom.no

1: Client asks local DNS – Which IP address has www.ascom.no?

2: Local DNS asks root – The local DNS server asks a root server

2: Root server knows .no – The root server returns the IP address of the .no server in Norway

3: Ask .no for www.ascom.no – .no does not know www.ascom.no, but it knows the next authority, the ascom.no DNS server, and returns the IP address of the ascom.no DNS server

4: Then ask ascom.no – The ascom.no DNS server knows www.ascom.no and returns the IP address of the web server

5: The client gets the answer – www.ascom.no is 195.191.133.67

6: Get the web page – The local DNS server will normally be a caching DNS server, meaning it remembers what it learns, reducing traffic and decreasing response time. All information has a time-to-live. The information is deleted when the time-to-live expires.
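The six steps above as one worked program, added here as an example and not part of the slide deck: a toy caching resolver that walks the delegation chain root → .no → ascom.no for www.ascom.no and remembers the answer until its time-to-live expires. Only the name www.ascom.no and the address 195.191.133.67 come from the slides; the server addresses (documentation range 192.0.2.x), the TTL values and the .no/ascom.no data are constructed for the example.

```python
"""Added example, not from the slide deck: a toy model of steps 1-6 above.
A caching resolver walks the delegation chain root -> .no -> ascom.no for
www.ascom.no and remembers the answer until its time-to-live expires.
Only the name www.ascom.no and the address 195.191.133.67 come from the
slides; every server address, TTL and the .no/ascom.no data are constructed."""
import time

# Constructed authoritative data. Each server either knows the final answer
# (an A record) or refers the question onward (an NS record whose "target" is
# the constructed address of the next authority, i.e. its glue address).
ROOT = {"no.": {"type": "NS", "target": "192.0.2.20", "ttl": 172800}}
NO_TLD = {"ascom.no.": {"type": "NS", "target": "192.0.2.30", "ttl": 86400}}
ASCOM = {"www.ascom.no.": {"type": "A", "target": "195.191.133.67", "ttl": 3600}}

SERVERS = {"192.0.2.10": ROOT, "192.0.2.20": NO_TLD, "192.0.2.30": ASCOM}
ROOT_SERVER = "192.0.2.10"   # constructed stand-in for a.root-servers.net


def ask(server_ip, qname):
    """One question to one server (steps 2-4). Returns an A record when the
    server is authoritative for qname, otherwise the longest matching NS
    delegation so the resolver can ask the next authority."""
    data = SERVERS[server_ip]
    if qname in data:
        return data[qname]
    delegations = [(zone, rec) for zone, rec in data.items()
                   if rec["type"] == "NS" and qname.endswith("." + zone)]
    if not delegations:
        raise LookupError(f"{server_ip} has neither an answer nor a referral for {qname}")
    return max(delegations, key=lambda item: len(item[0]))[1]


class ManualClock:
    """A clock the demo (and a test) can advance, so TTL expiry is observable."""
    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now


class CachingResolver:
    """The local DNS server of the example: iterative lookups plus a TTL cache."""
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}        # qname -> (address, absolute expiry time)
        self.queries_sent = 0  # upstream questions; shows what caching saves

    def resolve(self, name):
        qname = name if name.endswith(".") else name + "."
        now = self.clock()
        hit = self.cache.get(qname)
        if hit is not None and hit[1] > now:
            return hit[0]                    # step 6: answered from the cache
        self.cache.pop(qname, None)          # TTL expired: forget the entry
        server = ROOT_SERVER                 # step 2: start at a root server
        for _ in range(8):                   # bound the referral chain
            self.queries_sent += 1
            record = ask(server, qname)
            if record["type"] == "A":        # steps 4-5: the final answer
                self.cache[qname] = (record["target"], now + record["ttl"])
                return record["target"]
            server = record["target"]        # step 3: follow the referral
        raise RuntimeError(f"too many referrals while resolving {qname}")


if __name__ == "__main__":
    clock = ManualClock()
    resolver = CachingResolver(clock)
    print(resolver.resolve("www.ascom.no"), "after", resolver.queries_sent, "queries")
    print(resolver.resolve("www.ascom.no"), "after", resolver.queries_sent, "queries (cached)")
    clock.now = 3601                         # past the 3600 s TTL of the A record
    print(resolver.resolve("www.ascom.no"), "after", resolver.queries_sent, "queries (expired)")
```

The first lookup costs three upstream questions (root, .no, ascom.no); the second is served from the cache with no traffic at all, and once the clock passes the record's TTL the resolver forgets the entry and walks the chain again. A real resolver also caches the NS referrals so that later names under .no skip the root; that refinement is left out to keep the six steps visible.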

Caching DNS information
• My computer – Windows 7 caches the information it learns from the DNS system
• Uses time-to-live to time out the information

DNS
• Domain Name System – Translates between domain names and IP addresses
• Windows DNS test command: nslookup

DNS Records
• More information in DNS databases – Called DNS record types
• DNS clients query DNS servers
Record type – Explanation
A – An A record is used to bind a host name to an IPv4 address
AAAA – An AAAA record is used to bind a host name to an IPv6 address
MX – MX or Mail eXchange is used to find a domain's mail servers
SOA – SOA or Start-of-Authority is used to find information about a zone

A record
• Is an IPv4 host name
– nslookup used to query for a specific type

AAAA record
• Is an IPv6 host name
– nslookup used to query for a specific type

Windows default
• Windows queries both the A record and the AAAA record by default

MX record
• MX or the Mail Exchange record
– Used to find a domain's mail server
– The mail server's IP is found with A and/or AAAA

DNS servers
• Three types of DNS servers exist
• Primary DNS server – Is responsible for a zone, e.g. tdc.dk
• Secondary DNS server – Is a slave to a primary – A change on the primary is transferred automatically
• Caching DNS server – Stores learned DNS information temporarily

SOA record
• SOA – Start Of Authority record
– Contains information about a zone

Caching DNS server
• Home routers most often contain a caching DNS server
• nslookup uses the home router as DNS

Primary/Secondary DNS
• Primary and secondary DNS servers can be seen with nslookup

Bind
• /etc/bind/named.conf.options – Contains options and forwarders
    forwarders {
        # Replace the address below with the address of your provider's DNS server
        172.16.4.66;
    };
• /etc/bind/named.conf.local – Contains zones and config

named.conf.local
    # Forward lookup zone for cluster.tekkom.dk
    zone "cluster.tekkom.dk" {
        type master;
        file "/etc/bind/zones/cluster.tekkom.dk.db";
    };
    # Reverse lookup zone for 192.168.0.x
    zone "0.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/0.168.192.in-addr.arpa";
    };

The zone files
• mkdir /etc/bind/zones
• nano /etc/bind/zones/cluster.tekkom.dk.db
• nano /etc/bind/zones/0.168.192.in-addr.arpa

The cluster.tekkom.dk. zone
• nano /etc/bind/zones/cluster.tekkom.dk.db
    $TTL 1D
    cluster.tekkom.dk. IN SOA ns1.cluster.tekkom.dk. admin.cluster.tekkom.dk. (
        ; Do not modify the following lines!
        2007031001 ; Serial
        28800      ; Refresh
        3600       ; Retry
        604800     ; Expire
        38400 )    ; TTL
    @   IN NS    ns1.cluster.tekkom.dk.
    ns1 IN A     192.168.0.11
    www IN CNAME ns1
Reference: http://support.microsoft.com/kb/163971

The 0.168.192.in-addr.arpa. zone
• nano /etc/bind/zones/0.168.192.in-addr.arpa
    $TTL 1D
    @ IN SOA ns1.cluster.tekkom.dk. admin.cluster.tekkom.dk. (
        ; Do not modify the following lines!
        2007031001 ; Serial
        28800      ; Refresh
        3600       ; Retry
        604800     ; Expire
        38400 )    ; TTL
    @  IN NS  ns1.cluster.tekkom.dk.
    11 IN PTR ns1.cluster.tekkom.dk.
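The two zone files above, parsed and cross-checked by an example program that is added here and is not part of the slide deck or of BIND: it reads the $TTL line, the parenthesised multi-line SOA, the NS/A/CNAME records of the forward zone and the PTR record of the reverse zone, follows the www → ns1 CNAME to its address, and reports any A record whose PTR is missing or names a different host. The zone text is the slides' own content (with ; comments, which is what BIND's zone file format uses); the parser, the record layout and the check are this example's.

```python
"""Added example, not from the slide deck: a small parser for the two BIND zone
files above, a CNAME-following lookup and a check that the forward zone (A) and
the reverse zone (PTR) agree. The zone text is the slides' own; the code is not."""
import re

TTL_UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
NAME_FIELDS = {"NS": [0], "CNAME": [0], "PTR": [0], "MX": [1], "SOA": [0, 1]}

FORWARD_ZONE = """\
$TTL 1D
cluster.tekkom.dk. IN SOA ns1.cluster.tekkom.dk. admin.cluster.tekkom.dk. (
    2007031001 ; Serial
    28800      ; Refresh
    3600       ; Retry
    604800     ; Expire
    38400 )    ; TTL
@    IN NS    ns1.cluster.tekkom.dk.
ns1  IN A     192.168.0.11
www  IN CNAME ns1
"""

REVERSE_ZONE = """\
$TTL 1D
@ IN SOA ns1.cluster.tekkom.dk. admin.cluster.tekkom.dk. (
    2007031001 28800 3600 604800 38400 )  ; Serial Refresh Retry Expire TTL
@    IN NS    ns1.cluster.tekkom.dk.
11   IN PTR   ns1.cluster.tekkom.dk.
"""

def parse_ttl(token):
    """'1D' -> 86400, '3600' -> 3600 (unit suffixes s, m, h, d, w)."""
    m = re.fullmatch(r"(\d+)([smhdw]?)", token.lower())
    if not m:
        raise ValueError(f"bad TTL {token!r}")
    return int(m.group(1)) * TTL_UNITS.get(m.group(2), 1)

def qualify(name, origin):
    """Make a name absolute: '@' is the origin, 'ns1' becomes 'ns1.<origin>'."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def logical_lines(text):
    """Drop ';' comments and join parenthesised records (the SOA) into one line."""
    out, buf, depth = [], [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]
        if not line.strip() and depth == 0:
            continue
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth == 0:
            out.append(" ".join(buf))
            buf = []
    return out

def parse_zone(text, origin):
    """Records as dicts (owner, ttl, type, rdata), every name fully qualified.
    Each record line is expected to name its owner explicitly, as the zones above do."""
    origin = origin if origin.endswith(".") else origin + "."
    default_ttl, records = None, []
    for line in logical_lines(text):
        tokens = line.split()
        if tokens[0] == "$TTL":
            default_ttl = parse_ttl(tokens[1])
            continue
        owner, i, ttl = qualify(tokens[0], origin), 1, default_ttl
        if re.fullmatch(r"\d+[smhdw]?", tokens[i].lower()):   # optional per-record TTL
            ttl, i = parse_ttl(tokens[i]), i + 1
        if tokens[i].upper() == "IN":                          # optional class
            i += 1
        rtype, rdata = tokens[i].upper(), tokens[i + 1:]
        for pos in NAME_FIELDS.get(rtype, []):                 # qualify names in rdata
            rdata[pos] = qualify(rdata[pos], origin)
        records.append({"owner": owner, "ttl": ttl, "type": rtype, "rdata": rdata})
    return records

def resolve_name(records, name, depth=0):
    """Follow CNAMEs (www -> ns1) to an A record; None when the name is absent."""
    if depth > 8:
        raise ValueError(f"CNAME chain too long at {name}")
    for r in records:
        if r["owner"] == name and r["type"] == "A":
            return r["rdata"][0]
        if r["owner"] == name and r["type"] == "CNAME":
            return resolve_name(records, r["rdata"][0], depth + 1)
    return None

def reverse_name(ipv4):
    """192.168.0.11 -> 11.0.168.192.in-addr.arpa. (the PTR owner name)."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa."

def check_reverse(forward, reverse):
    """A records whose PTR is missing or names another host, as
    (owner, address, what the PTR says or None); an empty list means consistent."""
    ptr = {r["owner"]: r["rdata"][0] for r in reverse if r["type"] == "PTR"}
    return [(r["owner"], r["rdata"][0], ptr.get(reverse_name(r["rdata"][0])))
            for r in forward
            if r["type"] == "A" and ptr.get(reverse_name(r["rdata"][0])) != r["owner"]]
```

Usage: `parse_zone(FORWARD_ZONE, "cluster.tekkom.dk")` yields the SOA, NS, A and CNAME records with `ttl` 86400 from the `$TTL 1D` line; `resolve_name(fwd, "www.cluster.tekkom.dk.")` returns 192.168.0.11 via the CNAME, and `check_reverse(fwd, rev)` returns an empty list for the two zones as written. Change the PTR owner from 11 to 12 and the check reports the ns1 A record as having no matching PTR, which is the kind of drift a `dig -x` against the server would also show.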

Bind 9
• /etc/init.d/bind9 restart
• dig cluster.tekkom.dk
• nslookup ns1
• tail -f /var/log/syslog